First Last Prev Next    No search results available      Search page      Enter new bug
Bug#: 202770
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: ollonois <ollonois@gmx.de>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 202770 depends on: Show dependency tree
Bug 202770 blocks:

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2007-12-19 11:38 0000 
Security

    * Fixed an issue where plug-ins could be used to allow cross domain
scripting, as reported by David Bloom. Details will be disclosed at a later
date.
    * Fixed an issue with TLS certificates that could be used to execute
arbitrary code, as reported by Alexander Klink (Cynops GmbH). Details will be
disclosed at a later date.
    * Rich text editing can no longer be used to allow cross domain scripting,
as reported by David Bloom. See our advisory.
    * Prevented bitmaps from revealing random data from memory, as reported by
Gynvael Coldwind. Details will be disclosed at a later date.

Reproducible: Always

------- Comment #1 From Robert Buchholz 2007-12-19 12:51:33 0000 ------- 
Thanks for reporting this to us, ollonois.

Jeroen, please advise.

------- Comment #2 From Jeroen Roovers 2007-12-19 14:51:11 0000 ------- 
www-client/opera-9.25 is in CVS.

------- Comment #3 From Robert Buchholz 2007-12-19 22:21:53 0000 ------- 
Arches, please test and mark stable www-client/opera-9.25.
Target keywords : "amd64 ppc sparc x86"

------- Comment #4 From Christian Faulhammer 2007-12-20 07:24:04 0000 ------- 
x86 stable

------- Comment #5 From Ferris McCormick 2007-12-20 13:38:51 0000 ------- 
Stable for sparc.  Appears to work fine.

------- Comment #6 From Tobias Scherbaum 2007-12-21 12:58:12 0000 ------- 
ppc stable

------- Comment #7 From Peter Weller 2007-12-22 12:42:08 0000 ------- 
amd64 stable

------- Comment #8 From Tobias Heinlein 2007-12-22 12:47:15 0000 ------- 
All arches done, GLSA request filed.

------- Comment #9 From Robert Buchholz 2007-12-24 23:51:35 0000 ------- 
CVE ids were assigned as follows:

CVE-2007-6520:
  Opera before 9.25 allows remote attackers to conduct cross-domain
  scripting attacks via unknown vectors related to plug-ins.

CVE-2007-6521
  Unspecified vulnerability in Opera before 9.25 allows remote attackers
  to execute arbitrary code via crafted TLS certificates.

CVE-2007-6522
  The rich text editing functionality in Opera before 9.25 allows remote
  attackers to conduct cross-domain scripting attacks by using
  designMode to modify contents of pages in other domains.

CVE-2007-6524
  Opera before 9.25 allows remote attackers to obtain potentially
  sensitive memory contents via a crafted bitmap (BMP) file.

------- Comment #10 From Pierre-Yves Rofes 2007-12-30 17:23:29 0000 ------- 
GLSA 200712-22
First Last Prev Next    No search results available      Search page      Enter new bug